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(54) Promiscuous network monitoring utilizing multicasting within a switch 



(57) Multicasting within a switch is utilized to promis- 
cuously monitor switched communication networks. 
The switch routes data packets from input ports to data 
output ports and routes copies of the data packets to a 



monitor output port. A monitor processor is connected 
to the switch to receive copies of all data packets re- 
ceived at the switch, and thereby monitor the communi- 
cation network. 
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ports' data packet copies are routed to which monitor 
output ports. Of course, the present invention can be 
configured with more than two monitor output ports. 

BRIEF DESCRIPTION OF THE DRAWINGS 

Fig. 1 illustrates a prior art approach for promiscu- 
ous monitoring of a communication network. 

Fig. 2 shows a wide area network illustrative of the 
configuration and operation of a contemporary commu- 
nications network. 

Fig. 3 illustrates a switch and promiscuous monitor 



-accordmg-icr^n-embc^ime"nt"orthe present invention. 

Fig. 4 illustrates a multicasting routing methodology 
to perform promiscuous monitoring within the switch 
shown in Fig. 3. 

Figs. 5A and 5B shows a switch with multiple mon- 
itor output ports according to a second embodiment of 
the present invention. 

Fig. 6 shows a switch with multiple monitor output 
ports and output port-based monitoring according to a 
third embodiment of the present invention. 



communications devices in the network. The term "in- 
formation" as used herein is intended to include data, 
text, voice, video, etc. Information from communications 
device 40 is characterized by a set of transmission and/ 

s or rate parameters related to network link and buffer re- 
quirements needed to accommodate transmission of 
such information. Control information can be communi- 
cated from communication device 40 to a switch at 
switching node 20 to specify the rate/buffer require- 

io ments. 

Communications networks will often use a network- 
ing protocol called Asynchronou s Transfer MnHn (ATM). 



DETAILED DESCRIPTION 

Networks are a principal means of exchanging or 
transferring information (e.g., data, voice, text, video, 
etc.) among communications devices (i.e., devices for 
inputting and/or outputting information such as compu- 
ter terminals, multimedia workstations, fax machines, 
printers, servers, telephones, videophones, etc.) con- 
nected to the network(s). A network typically comprises 
switching nodes connected to each other, and to com- 
munication devices, by links. 

Fig. 2 shows a wide area network illustrative of the 
configuration and operation of a contemporary commu- 
nications network. Network 10 comprises a plurality of 
switching nodes 20 and links 30. Each of the switching 
nodes 20 may also have associated therewith a buffer 
of predetermined size and each of the links 30 will have 
associated therewith a predetermined traffic handling 
capacity. Note that the depiction of a network comprising 
only five switching nodes is for convenience of illustra- 
tion, and that an operating network may have a much 
larger number of switching nodes and associated con- 
necting links. 

Various switching nodes are shown illustratively 
connected to communications devices 40. It should be 
understood that the single communications devices 
shown connected to the switching nodes in the figure 
are used for simplicity of illustration, and that an actual 
implementation of such a network would ordinarily have 
a number of communications devices connected at such 
switching nodes. Note, as well, that the illustrated com- 
munications devices may also represent another net- 
work, such as a LAN, which is connected to network 10. 

Each communications device 40 generates infor- 
mation for use by, or receives information from, other 



In these networks, all communication at the ATM layer 
. is in terms of fixed-size information segments, called 
'5 "cells" in ATM terminology. An ATM cell consists of 48 
bytes of payload and 5 bytes for the ATM-layer header. 
Routing of cells is accomplished through cell switches. 
Packets of information may be broken up (or segment- 
ed) into multiple cells, each cell carrying the 48 bytes of 
20 information sequentially. The destination reassembles 
the cells received into the original packet. 

ATM cells can be carried on a virtual circuit (VC) 
that must be set up such that received cells can be rout- 
ed to multiple ports at a switch. Permanent VC connec- 
ts tions can be easily set up through switch management; 
switched VC connections, however, need to be set up 
on a more dynamic basis. 

Fig. 3 illustrates a switch and promiscuous monitor 
according to an embodiment of the present invention. 
30 As shown in Fig. 3, switch 200 has three input ports, 
three data output ports, and a monitor output port. Al- 
though switch 200 shown in Fig. 3 has a certain number 
of ports for illustrative purposes, the present invention 
is equally applicable for any switch having any number 
3S of ports. 

Input links 201, 202 and 203 are connected to 
switch 200 at input ports 1 , 2 and 3, respectively, which 
are connected to interconnection network 210. Intercon- 
nection network 210 is connected to data output ports 
40 1,2 and 3. Output links 221 , 222 and 223 are connected 
to data output ports 1, 2 and 3, respectively. Intercon- 
nection network 210 is also connected to monitor port 1 
which is connected to promiscuous monitor processor 
230. 

45 Interconnection network 210 routes data packets 
received at an input port to the appropriate destination 
data output port(s). The number of input ports and/or 
output ports for switch 200 can exceed the number of 
links of the network connected to switch 200. Additional 
so output ports therefore are available for connecting one 
or more promiscuous monitors. In addition to switching 
communication data packets between the input ports 
and the data output ports, interconnection network 210 
also routes a copy of data packets received at each input 
5 $ port or output port to the monitor output port 1 through 
the use of known point-to-multipoint multicasting tech- 
niques within a single switch. Point-to-multipoint multi- 
casting is the routing of a single message to multiple 
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being utilized. The present invention is equally applica- 
ble for any type of switch, such as an input-buffered 
switch, output-buffered switch and shared-memory 
switch. 



Claims 

1. A switch, within a switched communication network, 
for enabling promiscuous monitoring, comprising: 



routes a copy of the subset to said first monitor out- 
put port. 

10. The switch of claim 9, wherein said interconnection 
s network selects the subset on a dynamic basis. 

11. The switch of claim 9, wherein said interconnection 
network selects the subset on a virtual circuit basis. 

io 12. The switch of claim 1, further comprising: 



a plurality of input ports including a first input 
port, said plurality of input ports receiving a plu- 
rality of data packets including a first data pack- 
et and a second data packet; is 
a plurality of data output ports including a first 
data output port and a second data output port; 
a first monitor output port; and 
an interconnection network connected to i) said 
plurality of input ports, ii) said plurality of output 20 13. 
ports, and iii) said first monitor output port, said 
interconnection network routing the first data 
packet from the first input port to the first data 
output port, said interconnection network rout- 
ing a copy of the first data packet to said first 25 
monitor output port. 



a second monitor output port connected to said 
interconnection network; 
said interconnection network routes the second 
data packet from the second input port to the 
second data output port and routes a copy of 
the second data packet to said second monitor 
output port. 

The switch of claim 12, wherein said interconnec- 
tion network selects a first subset of the plurality of 
data packets and routes a copy of the first subset 
to said first monitor output port, said interconnection 
network selects a second subset of the plurality of 
data packets and routes a copy of the second sub- 
set to said second monitor output port. 



2. The switch of claim 1 , wherein a copy of each data 
packet of the plurality of data packets is routed to 
said first monitor output port. 

3. - The switch of claim 1, wherein a copy of a subset 

of the plurality of data packets is routed to said first 
monitor output port. 

4. The switch of claim 1 , wherein said interconnection 
network routes a copy of each data packet received 
at the first input port to said first monitor output port. 

5. The switch of claim 1 , wherein said interconnection 
network selects a subset of the plurality of data 
packets received at the first input port and routes a 
copy of the subset to said first monitor output port. 

6. The switch of claim 5, wherein said interconnection 
network selects the subset on a dynamic basis. 

7. The switch of claim 5, wherein said interconnection 
network selects the subset on a virtual circuit basis. 

8. The switch of claim 1 , wherein said interconnection 
network routes to said first monitor output port a 
copy of each data packet forwarded to the first data 
output port. 

9. The switch of claim 1 , wherein said interconnection 
network selects a subset of the plurality of data 
packets forwarded to the first data output port and 
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14. The switch of claim 13, wherein said interconnec- 
tion network balances the load between data pack- 
ets routed to said first monitor output port and data 
packets routed to said second monitor output port. 

15. The switch of claim 13, wherein said interconnec- 
tion network selects the first subset or second sub- 
set on a dynamic basis. 

16. The switch of claim 13, wherein said interconnec- 
tion network selects the first subset or second sub- 
set on a virtual circuit basis. 
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(57) Multicasting within a switch is utilized to promis- 
cuously monitor switched communication networks 
The switch routes data packets from input ports to data 
output ports and routes copies of the data packets to a 



monitor output port. A monitor processor is connected 
to the switch to receive copies of all data packets re- 
ceded at the switch, and thereby monitor the communi- 
cation network. 
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